From owner-cvs-src@FreeBSD.ORG Tue Apr 25 01:36:13 2006 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB0A516A400; Tue, 25 Apr 2006 01:36:13 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6180F43D49; Tue, 25 Apr 2006 01:36:13 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id 3F1891A4DF8; Mon, 24 Apr 2006 18:36:13 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 65F9D558B2; Mon, 24 Apr 2006 21:35:26 -0400 (EDT) Date: Mon, 24 Apr 2006 21:35:25 -0400 From: Kris Kennaway To: Sam Leffler Message-ID: <20060425013525.GA22427@xor.obsecurity.org> References: <200604250021.k3P0LvUZ033748@repoman.freebsd.org> <444D6D54.1000007@errno.com> <20060425003615.GA21881@xor.obsecurity.org> <444D7114.1020106@errno.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="y0ulUmNC+osPPQO6" Content-Disposition: inline In-Reply-To: <444D7114.1020106@errno.com> User-Agent: Mutt/1.4.2.1i Cc: cvs-src@FreeBSD.org, Mohan Srinivasan , cvs-all@FreeBSD.org, src-committers@FreeBSD.org, Kris Kennaway Subject: Re: cvs commit: src/sys/nfsserver nfsrvcache.h X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Apr 2006 01:36:13 -0000 --y0ulUmNC+osPPQO6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 24, 2006 at 05:45:08PM -0700, Sam Leffler wrote: > Kris Kennaway wrote: > >On Mon, Apr 24, 2006 at 05:29:08PM -0700, Sam Leffler wrote: > >>Mohan Srinivasan wrote: > >>>mohans 2006-04-25 00:21:57 UTC > >>> > >>> FreeBSD src repository > >>> > >>> Modified files: > >>> sys/nfsserver nfsrvcache.h=20 > >>> Log: > >>> Bump up the NFS server dupreq cache limit to 2K (from 64). With a sma= ll > >>> duplicate request cache, under heavy load a lot of non-idempotent=20 > >>> requests > >>> were getting served again, resulting in errors. > >>How does increasing the cache size fix this problem? > > > >Fundamentally it doesn't, this change just pushes it out of the regime > >where it's trivial to overflow. >=20 > Why is it hard to do a real fix? Or is this a temporary bandaid? AFAIK (Mohan will know more) other implementations do the same thing as we do, up to making the cache size scaled to RAM instead of statically sized. I guess if you make sure you hold on to every packet for a suitably long period of time then you can be sure you don't accidentally let through very delayed duplicate/retransmitted packets, but this could have unbounded memory requirements on a busy server. The main point though was that 64 is ludicrously low and easily overflowed in practise, and this change has minimal impact, mitigates the problem in practise, and is suitable for merging to 6.1. Kris --y0ulUmNC+osPPQO6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFETXzdWry0BWjoQKURAh2sAKDvYm1rQiIVrZQ6WYfwKc4CGhKoIgCfaU/p 5ppK1iuBxFw5xzeVDi2RuuQ= =mZZD -----END PGP SIGNATURE----- --y0ulUmNC+osPPQO6--